| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Feb 2004 22:06:54 +0000 From: Luigi Auriemma <aluigi@...ervista.org> To: webmaster@...uriteinfo.com, bugtraq@...urityfocus.com Subject: Re: TrackMania Demo Denial of Service > TrackMania Demo Denial of Service > The original document can be found at > http://www.securiteinfo.com/attaques/hacking/trackmaniados.shtml Also Virtual Skipper 3 is vulnerable so the problem is in the game engine developed by Nadeo (http://www.nadeo.com) > The multiplayer game use TCP port 2350 to communicate. If you send some > garbage to this port, it will shutdown the game server. Not exactly garbage data but too long values, in fact the game uses 32bit numbers to specify the size of the data that follows so this seems the cause of the server crash. Another simple test is the modification of the 32bit values in the UDP query packets used to define the length of some strings. > The multiplayer demo of this game > is subject to denial of service. Due the type of bug probably also the retail version is vulnerable. Who bet? BYEZ --- Luigi Auriemma http://aluigi.altervista.org
Powered by blists - more mailing lists